urlscan.io logo urlscan.io
SecurityTrails logo

rek-1.ru Open in urlscan Pro
2606:4700:3037::6815:4765  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rek-1.ru/
Effective URL: https://rek-1.ru/
Submission: On March 11 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3037::6815:4765, located in United States and belongs to CLOUDFLARENET, US. The main domain is rek-1.ru.
TLS certificate: Issued by E1 on February 21st 2022. Valid for: 3 months.
This is the only time rek-1.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 172.67.175.252 13335 (CLOUDFLAR...)
1 2 2a02:6b8::1:119 208722 (YNDX)
13 6
2    2606:4700:3037::6815:4765 (United States)

ASN13335 (CLOUDFLARENET, US)
rek-1.ru
4    2404:6800:4004:825::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
4    2404:6800:4004:808::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.67.175.252 (United States)

ASN13335 (CLOUDFLARENET, US)
cloud.antibot.cloud
2    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
Apex Domain
Subdomains		 Transfer
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
338 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
41 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2926
864 B
2 rek-1.ru
rek-1.ru
4 KB
1 antibot.cloud
cloud.antibot.cloud — Cisco Umbrella Rank: 206569
676 B
13 5
Domain Requested by
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com rek-1.ru
www.gstatic.com
www.google.com
2 mc.yandex.ru 1 redirects
2 fonts.gstatic.com www.google.com
2 rek-1.ru 1 redirects
1 cloud.antibot.cloud rek-1.ru
13 6

This site contains no links.

Subject Issuer Validity Valid
*.rek-1.ru
E1		 2022-02-21 -
2022-05-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://rek-1.ru/
Frame ID: BFBC377D1F00E685C56657F42B76D8BF
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
Frame ID: 37F76B86E36DC8D45F611E5A7A163768
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://rek-1.ru/ HTTP 301
    https://rek-1.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

13
Requests

92 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

383 kB
Transfer

877 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rek-1.ru/ HTTP 301
    https://rek-1.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://mc.yandex.ru/pixel/6677347880582999110?rnd=%aw_random% HTTP 302
  • https://mc.yandex.ru/pixel/6677347880582999110?rnd=%25aw_random%25&redir=1

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rek-1.ru/
Redirect Chain
  • http://rek-1.ru/
  • https://rek-1.ru/
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rek-1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72057ced904127a29cbe9ca1e9191cbc62ea53907f7f6bab867b79092ef53da7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

date
Fri, 11 Mar 2022 16:08:19 GMT
content-type
text/html; charset=UTF-8
x-robots-tag
noindex
expires
Mon, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
link
<https://cloud.antibot.cloud/>; rel=dns-prefetch
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3f91MHSSDiTcOpNhECbw%2FSYAScxki5pBYhl0iT9IcwXSjr7tipxEUBSQ9QBUfWugQkpwgN9uoT%2BizM5rej1jqAlDiLPFYv4dI7s9hnCFTxtW47WYqiJDvVbNC2JlJvQ25nDByzn20w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ea58c46ef318095-NRT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 11 Mar 2022 16:08:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 11 Mar 2022 17:08:17 GMT
Location
https://rek-1.ru/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8UTZf%2F63ybpadwTsv0RtucnM3rZFeqw8hZcdF1%2FAEi436yPu4Rt3VEeJFA76183NhWxocFRZZTjT5oRdOFyUwwLGV%2FxilPLNWnRc7RuYnK2FCMYv%2FsY4d65IAkaAyKJy3SczMKFYw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ea58c46ac5b8099-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
www.google.com/recaptcha/ 		884 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP
Requested by
Host: rek-1.ru
URL: https://rek-1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e887cee3b2d9482fe9dde3a2dc65269d0ac6fe1e506fbc016bcbfd79b0732b64
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://rek-1.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 16:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Fri, 11 Mar 2022 16:08:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ 		357 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rek-1.ru/
Origin
https://rek-1.ru
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 07:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143659
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Mar 2023 07:33:53 GMT
anchor
www.google.com/recaptcha/api2/ Frame 37F7 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c4b10dbe8e66a773d2839bcb899dcb8d7bdbf294276a50c9ea1eaf3d3142e75d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JNXeEhHP0qTn53IN7eZGzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://rek-1.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 11 Mar 2022 16:08:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-JNXeEhHP0qTn53IN7eZGzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22042
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 37F7 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 20:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Mar 2023 20:10:45 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 37F7 		357 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 07:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143659
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Mar 2023 07:33:53 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 37F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 23:28:49 GMT
x-content-type-options
nosniff
age
405570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sun, 13 Mar 2022 23:28:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 37F7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 23:26:39 GMT
x-content-type-options
nosniff
age
405700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 23:26:39 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 37F7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 03:58:07 GMT
x-content-type-options
nosniff
age
43812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Mar 2023 03:58:07 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 37F7 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=85AXn53af-oJBEtL2o2WpAjZ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e9707e0f26dd47c5a91ff3582091109a33aeeb6eac0253ed617fb58bc0be7039
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 16:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 11 Mar 2022 16:08:19 GMT
reload
www.google.com/recaptcha/api2/ Frame 37F7 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
be61f76ff8836c5c16afd8d4722d15f08e2c229bcc7f67561b4b06ac5f9ef825
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lei7NsaAAAAAAxxI9cAS-RXWzzWfZZKWDC0U2xP&co=aHR0cHM6Ly9yZWstMS5ydTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=ptex0un5ax3m
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Fri, 11 Mar 2022 16:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18083
x-xss-protection
1; mode=block
expires
Fri, 11 Mar 2022 16:08:19 GMT
antibot7.php
cloud.antibot.cloud/ 		13 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloud.antibot.cloud/antibot7.php
Requested by
Host: rek-1.ru
URL: https://rek-1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc325d4f58a20b2cdef19bb27ed04221f085abf18fa856e310fa839914c79d1e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rek-1.ru/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded;

Response headers

date
Fri, 11 Mar 2022 16:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
POST
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23%2F8tpLbXMuBlmGVs3vcT0kn5ggZXLBxrmUn6If67kPT49DuAhfKeMrpJ7XJCYZz402zZf64O0ggw%2BzxZ%2Bjc8R%2FIkOW6bRNeju82kdT%2BGX54x6z5Z5dlQJQDO4mHVTZX9USHHPmy"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
6ea58c552d5d34c9-NRT
access-control-allow-headers
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
6677347880582999110
mc.yandex.ru/pixel/
Redirect Chain
  • https://mc.yandex.ru/pixel/6677347880582999110?rnd=%aw_random%
  • https://mc.yandex.ru/pixel/6677347880582999110?rnd=%25aw_random%25&redir=1
43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/pixel/6677347880582999110?rnd=%25aw_random%25&redir=1
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 16:08:21 GMT
last-modified
Fri, 11-Mar-2022 16:08:21 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 11-Mar-2022 16:08:21 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 16:08:21 GMT
last-modified
Fri, 11-Mar-2022 16:08:21 GMT
strict-transport-security
max-age=31536000
location
/pixel/6677347880582999110?rnd=%25aw_random%25&redir=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Fri, 11-Mar-2022 16:08:21 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| b64_to_utf8 string| country string| action string| h1 string| h2 string| ipfull string| ip string| via string| v string| re string| rk string| ho string| cid string| ptr number| width number| height number| cwidth number| cheight number| colordepth number| pixeldepth string| phpreferrer string| referrer function| Button function| CloudTest object| recaptcha object| closure_lm_794566

10 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AG6mx8MIJZUlgKsbNN2N3h2AVSNsxF9eN4fUra4vI2dmywRepsV-ytPx9t0t2POlbICcBGqWkbmhl1V-53IEbx0
rek-1.ru/ Name: antibot_uid
Value: ae843cf77ff5f007508a71552288be36
rek-1.ru/ Name: antibot_country
Value: NL
rek-1.ru/ Name: antibot_lang
Value: jp
rek-1.ru/ Name: antibot_ptr
Value: 2a00%3A1633%3A0128%3A0004%3A0000%3A0000%3A0000%3A0004
.yandex.ru/ Name: yandexuid
Value: 1799140011647014901
.yandex.ru/ Name: yuidss
Value: 1799140011647014901
mc.yandex.ru/ Name: yabs-sid
Value: 790002931647014901
.yandex.ru/ Name: i
Value: I1ODlPnaxH/zlij4vo6PuAiPAqDRxFV0UNEguXWFCqja7AFcp2pDC9Fao2uQygWOUQjizllDafhJ4AZtCASgI8Egmyg=
.yandex.ru/ Name: ymex
Value: 1962374901.yrts.1647014901#1962374901.yrtsi.1647014901